W3C

XML Security Working Group Teleconference

09 Aug 2011

Agenda

See also: IRC log

Attendees

Present
Frederick_Hirsch, Chris_Solc, Hal_Lockhart, Gerald_Edgar, Scott_Cantor, Cynthia_Martin, Bruce_Rich
Regrets
Pratik_Datta, Ed_Simon, Magnus_Nystrom, Brian_LaMacchia
Chair
Frederick_Hirsch
Scribe
Hal

Contents

<trackbot> Date: 09 August 2011

<fjh> ScribeNick: Hal

Administration

Minutes Approval

<fjh> Approve minutes, 2 August 2011

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/att-0005/minutes-2011-08-02.html

<fjh> Proposed RESOLUTION: Minutes from 2 August are approved.

RESOLUTION: Minutes from 2 August are approved.

XML Security 1.1

<fjh> please review editorial updates to resolve LC issues

<fjh> LC-2502 (substantive), ACTION-816

<fjh> change RetrievalMethod toKeyInfoReference for SHOULD

<fjh> Done, please review: http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0007.html

<fjh> LC2506 changes completed

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0008.html\

<fjh> RetrievalMethod in 2.0

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0010.html

<scantor> I don't think we have a good basis for barring Transforms *inside* RetrievalMethod itself as part of the general 2.0 changes

<fjh> proposed RESOLUTION: update 2.0 spec to treat RetrievalMethod same as in 1.1, specifically not disallow Transform within RetrievalMethod

<scantor> rather, we should make it a deprecated feature

<fjh> also should consider deprecating in 1.1 and disallowing in 2.0

RESOLUTION: update 2.0 spec to treat RetrievalMethod same as in 1.1, specifically not disallow Transform within RetrievalMethod

<fjh> ACTION: tlr to remind WG how to deprecate RetrievalMethod in 1.1 and disallow in 2.0 appropriately [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-820 - Remind WG how to deprecate RetrievalMethod in 1.1 and disallow in 2.0 appropriately [on Thomas Roessler - due 2011-08-16].

<fjh> ACTION: fjh to update 2.0 spec to treat RetrievalMethod same as in 1.1, specifically not disallow Transform within RetrievalMethod [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action02]

<trackbot> Created ACTION-823 - Update 2.0 spec to treat RetrievalMethod same as in 1.1, specifically not disallow Transform within RetrievalMethod [on Frederick Hirsch - due 2011-08-16].

<fjh> ACTION-814?

<trackbot> ACTION-814 -- Magnus Nystrom to make namespace ("&xenc;") related edits in XML Encryption 1.1 -- due 2011-07-05 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/814

<fjh> in progress

XML Security 2.0

<fjh> LC-4288, detailed comments from Paul Grosso

<fjh> ACTION-802: Pratik Datta to Review comments from XML Core WG and formulate response, http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html

<fjh> ACTION-810: Pratik Datta to Review and respond to additional XML Core WG comments http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html

<fjh> close ACTION-810 as duplicate of ACTION-802?

<trackbot> ACTION-810 Review and respond to additional XML Core WG comments http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html notes added

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jul/0018.html

<fjh> Need to send formal reply to XML Core/ Paul?

<fjh> LC-2487, change name of attribute from type to Attribute

<fjh> ACTION-809?

<trackbot> ACTION-809 -- Pratik Datta to fix examples in signature 2.0 -- due 2011-06-21 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/809

<fjh> ACTION-717?

<trackbot> ACTION-717 -- Pratik Datta to document the Performance improvements with 2.0 -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/717

Test Cases

<fjh> 1.0 (regression), http://www.w3.org/2008/xmlsec/Drafts/testing/test-coverage-10.html

<fjh> 1.1, http://www.w3.org/2008/xmlsec/Drafts/testing/test-coverage-11.html

<fjh> 2.0, http://www.w3.org/2008/xmlsec/Drafts/testing/test-coverage-20.html

<fjh> Writing testable conformance requirements, http://www.w3.org/TR/test-methodology/

<fjh> ACTION: fjh to post suite b interop material from Cynthia [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action03]

<trackbot> Created ACTION-821 - Post suite b interop material from Cynthia [on Frederick Hirsch - due 2011-08-16].

XML Encryption

<fjh> do we need XML Encryption 1.1 and update to algorithms in 1.1 as well as other fixes.

<fjh> proposed change - disallow pkcs# 1.5 for generation (language analogous to sha-1)

<fjh> ACTION: fjh to propose XML Encryption 1.1 and associated changes [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action04]

<trackbot> Created ACTION-822 - Propose XML Encryption 1.1 and associated changes [on Frederick Hirsch - due 2011-08-16].

Adjourn

Summary of Action Items

[NEW] ACTION: fjh to post suite b interop material from Cynthia [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action03]
[NEW] ACTION: fjh to propose XML Encryption 1.1 and associated changes [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action04]
[NEW] ACTION: fjh to update 2.0 spec to treat RetrievalMethod same as in 1.1, specifically not disallow Transform within RetrievalMethod [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action02]
[NEW] ACTION: tlr to remind WG how to deprecate RetrievalMethod in 1.1 and disallow in 2.0 appropriately [recorded in http://www.w3.org/2011/08/09-xmlsec-minutes.html#action01]
 
[End of minutes]
Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $